3.2.1 Ensure That Microsoft Defender for IoT Hub Is Set To 'On'

Information

Microsoft Defender for IoT acts as a central security hub for IoT devices within your organization.

Rationale:

IoT devices are very rarely patched and can be potential attack vectors for enterprise networks. Updating their network configuration to use a central security hub allows for detection of these breaches.

Impact:

Enabling Microsoft Defender for IoT will incur additional charges dependent on the level of usage.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Remediate from Azure Portal

Go to IoT Hub.

Select a IoT Hub to validate.

Select Overview in Defender for IoT.

Click on Secure your IoT solution, and complete the onboarding.

Default Value:

By default, Microsoft Defender for IoT is not enabled.

See Also

https://workbench.cisecurity.org/benchmarks/16820

Item Details

Category: RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

References: 800-53|RA-5, 800-53|SI-4, 800-53|SI-4(4), CSCv7|3.1

Plugin: microsoft_azure

Control ID: 28a4765094da0a7f634c03871673763a4a740fdf47e6e6ab6d7fccd15489b974